Discovering IPv6 with Wireshark - Babu Ram Dawadi•The most obvious is the length of the IP address...

SHARKFEST ‘10 | Stanford University | June 14 –17, 2010Trace files and coloring rules can be copied from circulating memory stick

Discovering IPv6 with WiresharkJune 16, 2010

Rolf LeutertNetwork Consultant & Trainer | Leutert NetServices | Switzerland

SHARKFEST ‘10Stanford UniversityJune 14-17, 2010

SHARKFEST ‘10 | Stanford University | June 14 –17, 2010

Introduction

IPv6 Header & Extensions

Address format, notations & types

Address Autoconfiguration

Neighbor discovery, Router discovery

Host configuration with DHCPv6

New DNS AAAA record

Transition technologies, ISATAP, Teredo, 6to4

IPv6 Routing Protocols

Session Agenda


• There are many changes from IPv4 to IPv6

• The most obvious is the length of the IP address from 32 to 128 bits

• 4 times the number of bits is not 4 times the number of addresses

• It means doubling the address space with each additional bit (96x)

• About 3,4 * 1038 possible addressable nodes

• More than 1027 addresses per person on the planet

IPv4 to IPv6 address space comparison

2001:0DB8:0000:0000:0000:0000:1428:57AB

192.168.20.30IPv4 address, 32 bits

IPv6 address, 128 bits

network prefix interface identifier

Introduction


IPv4 to IPv6 address space comparison

Let‘s assume, the whole IPv4 address space (232) with 4.2 Billion addresses is

represented by an area of 1 millimeter2

How big would be the corresponding

area with IPv6?

The equivalent area would be:

155 Millions of Earth surfaces!!!

(Earth surface area is 510 Million km²)

+

Introduction


Session Agenda

Introduction






New DNS AAAA record




Ver. HL DiffServ Payload length Ver. Traff. Class Flow Label

Identification Flag Fragment Offset

TTL Protocol Header Checksum

32 bits Source Address

32 bits Destination Address

Payload length NextHeader Hop Limit

128 Bits

Source Address

128 Bits

Destination Address

Optional fields

Optional fields

IPv4 Header

(20 Bytes without options)

IPv6 Header

(40 Bytes without extensions)

Optional

Extension Headers

Fields changed

Fields removed

Fields added

IPv6 Headers & Extensions


IPv6 Flow Label

• A Flow is a sequence of packets sent from a

particular source to a particular destination

• A Flow Label could significantly speed up

packet processing on routers

• RFC 3697 defines the use of the 20 bit IPv6

Flow Label initiated by the source nodes

• A Flow path needs to be established on all

routers on the path from the source to the

destination (e.g. RSVP)

• Not all flow process details are defined at

this point of time







IPv6 Header TCP Header

and dataNext Header

TCP

Basic header

Routing HeaderIPv6 Header TCP Header

and dataNext Header

TCP

Basic header with one extension

Next Header

Routing

Routing HeaderIPv6 Header Fragment Header

Next Header

Fragment

Basic header with two extension

Next Header

Routing

TCP Header

and dataNext Header

TCP

• IPv6 offers modular header composition adding optional information

• Basic IPv6 header can be followed by one ore more extension headers

+



Session Agenda

Introduction






New DNS AAAA record




IPv6 supports different address notation formats

+

2001:db8:0:0:0:0:1428:57ab leading zeros can be suppressed

2001:db8::1428:57ab consecutive zeros can be compressed with ::

2001:0:0:100:0:0:0:20 zero compression only once in an address

2001::100::20 invalid address

2001:0:0:100::20 valid address

2001::100:0:0:020 valid address

fe80::5efe:192.168.20.100 mixed notation, compressed

2001:db8::/64 represents the network 2001:db8:0:0::

2001:db8::1428:57ab/128 represents a single host address

2001:0DB8:0000:0000:0000:0000:1428:57AB standard notation

2001:0db8:0000:0000:0000:0000:1428:57ab notation is case insensitive

Address format & notation


Four types of addresses are defined in IPv6

• Unicast 2xxx Worldwide unique addresses

fdxx Locally valid addresses

• Multicast ffxx play an important role in IPv6,

they also replace Broadcasts

• Anycast 2xxx are unicast addresses reserved

or assigned to special functions

• Special Addresses reserved for special purposes

like DHCP, Loopback etc.

• No Broadcast anymore replaced by multicasts, this is

valid for layer 2 and layer 3

+

Address types


Unicast

• Global 2xxx Blocks managed by RIPE NCC (Europe)

Range 2001:/16 Global unicast addresses (former public)

Reserved 2002:/16 6to4 address space

Reserved 3ffe:/16 old 6Bone address

• Local

Link-Local fe80:/64 former IPv4 169.254.0.0/16 APIPA

Local fc00:/8 Centrally Assigned Unique Local

Address (ULA-central)

fd00:/8 Unique Local Address (ULA, not routed in

the Internet, former IPv4 private)

Site-Local fec0:/10 deprecated, do not use anymore

+

Address types


Multicast prefixes and scopes ff00:: /8

• Interface-local Scope ff01:: /64

• Link-local Scope ff02:: /64

• Site-local Scope ff05:: /64

• Global Scope ff0e:: /64

Multicast hosts

::1 All nodes ::b All mobile agents

::2 All routers ::c SSDP

::3 unassigned ::d All PIM router

::4 DVMPR router ::e RSVP-encapsulation

::5 OSPF IGP ::16 LLMNR

::6 OSPF IGP DR ::101 NTP server

::7 ST router ::1:1 Link name

::8 ST hosts ::1:2 All DHCP relay agents

::9 All RIP routers ::1:3 DNS & LLMNR

::a All EIGRP routers ::1:ffxx:xxxx Solicited node multicast

+

Address types


Special Addresses

• Unspecified 0:0:0:0:0:0:0:0/128 or ::/128

used as source address only

• Loopback ::1/128 (former IPv4 127.0.0.1)

local host or loopback address

• Default Gateway ::/0 used as gateway of last resort

Anycast

• These type of addresses can be used to reach certain functions which

are assigned to different servers (i.e. Root Server)

• Anycast addresses are unicast and are routed to the nearest server

RIPE NCC Root Server 2001:7fd::1 193.0.14.129

VeriSign Root Server 2001:503:c27::2:30 192.58.128.30

6to4 Relay 192.88.99.1

+

Address types


Session Agenda

Introduction






New DNS AAAA record




• An IPv6 host will autoconfigure a link-local address for each interface

• Prefix for link-local address is fe80::/64

• Interface ID is either derived from MAC address or a random value

IPv6 Stateless Address Autoconfiguration (SLAAC)

Ethernet MAC address 00 : 30 : 64 : 6b : 85 : 32

fe 80 00 00 00 00 00 00 02 30 64 ff fe 6b 85 32

IPv6 address: EUI-64 format

IPv6 address: privacy format

random value

fe 80 00 00 00 00 00 00 9c 4a e7 8a 20 38 d4 d1

+



• If a router is present, host will also autoconfigure global address

• Prefix will be obtained from router, example 2001:db8::/64

• Interface ID is either derived from MAC address or a random value

• Router indicates in advertisement if stateful configuration may be used

IPv6 Stateless Address Autoconfiguration (SLAAC)

Ethernet MAC address 00 : 30 : 64 : 6b : 85 : 32

20 01 0d b8 00 00 00 00 02 30 64 ff fe 6b 85 32

IPv6 address: EUI-64 format

IPv6 address: privacy format

random value

20 01 0d b8 00 00 00 00 9c 4a e7 8a 20 38 d4 d1

+



• Probably the most strange part of IPv6 addressing

• An IPv6 host forms a SNMA for each own unicast address in use

• The SNMA address is used for Neighbor Discovery (replacement of ARP)

• The SNMA address is derived from each unicast address in use

Solicited Node Multicast Address (SNMA)

20 01 0d b8 00 00 00 00 02 30 64 ff fe 6b 85 32

Hosts unicast address

ff 02 00 00 00 00 00 00 00 00 00 01 ff 6b 85 32

SNMA derived from unicast address: ff02::1:ff6b:8532

Hosts SNMA address

SNMA prefix ff02:0:0:0:0:1:ff00/104 24 bits



• We have to get used, that a host has many IPv6 addresses

• Most hosts support Dual Stack Architecture for IPv4 and IPv6

• IPv6 is self-configuring, but it also allows manual configuration

IPv6 Client

C:\windows\system32>ipconfig /all

Physical interfaces:

• Ethernet interface

• Wireless LAN interface

• Bluetooth interface

Logical interfaces:

• Loopback pseudo-interface

• ISATAP tunneling interface

• TEREDO tunneling interface

• 6to4 interface

IPv6 Interfaces


• IPv6 hosts and router have the following addresses:

IPv6 Host• Link-Local address for each interface

• SNMA for each own IPv6 address

• All-nodes multicast address

• Loopback address

• Assigned unicast address (if a router is present)

• Optional Multicast addresses of other groups

IPv6 Router An IPv6 router has in addition:

• Subnet-router anycast address

• All-router multicast address

• Optional other anycast addresses

• Optional Multicast addresses of other groups

+

IPv6 Interfaces


• In Windows Vista/7, each IPv6 interface is numbered with unique ‘Zone ID’

• A link-local address is automatically configured with the address prefix

fe80::/64 for each physical or logical IPv6 interface

• If a router is available, a global address is configured on interface

IPv6 Interfaces


Link Local Addresses

Global Addresses

IPv6 Interfaces


Session Agenda

Introduction






New DNS AAAA record




RTP

RIP

SNMP

TFTP

DHCP

NAT-T

ISAKMP

TCP/IP Layers

UDPTCP

Many LAN, WLAN and WAN Protocols

ApplicationPresentation

Session

Processor

Application

IP

TransportHost-to-Host

Network

Data Link

Internet

Physical

Network Interface or

Local Network

‘Application’P2P

LDAP

DNS

NIS

NFS

HTTP

SSH

SSL

FTP

POP3

SMTP

Telnet

RUNIX

ARP

NetBIOSSession Service

OSPF

SMB/

CIFS

SMB/

CIFS

NetBIOSName Service

Datagram Serv.

Microsoft

Windows

Browser

Protocol

Microsoft

Server

Message

Block

Protocol

Common

Internet File

System

OSI Layers Internet Protocol Suite

STP

ICMP

CDP

Common

Internet File

System

TCP/IP Protocols


ICMPv6UDPTCP

IPv6

UDPTCP

Many LAN, WLAN and WAN Protocols

IPv4

Application Layer

Dual stack implementation

ICMPv4

• Internet Control Message Protocol v6 (ICMPv6) plays an important role

• Many new ICMPv6 messages have been defined

TCP/IP Protocols


Neighbor Solicitation

Neighbor Advertisement

Router Solicitation

Router Advertisement

Multicast Listener Query

Multicast Listener Report

Multicast Listener Done

ICMPv6

Error and Control Messages

Multicast ListenerDiscovery (MLD)

Messages

Neighbor Discovery (ND)

Messages

Echo Request/Reply

Destination unreachable

Time exceeded

Redirect

Parameter Problem

Packet too big

IPv6

LAN, WLAN and WAN Protocols

ICMPv6 Messages


The initial client startup process includes the following steps:

Frame #

1 Link-Local autoconfiguration and Duplicate Address Detection

2 Router Discovery

3 Prefix acquisition and global address autoconfiguration

4/5 Default router neighbor discovery

6 Duplicate Address Detection with acquired global address



Physical Address (MAC) 0022:6468:8532

Link Local Address fe80::222:64ff:fe68:8532

Solicited Node Multicast ff02::1:ff68:8532

VISTA/7-Client(random option = off)


Link Local Address fe80::12d:d6a8:dd1c:b3b0

Solicited Node Multicast: ff02::1:ff1c:b3b0

VISTA/7-Client(random option = on)

ff02::1:ff68:8532

DestinationSource

Target fe80::222:64ff:fe6b:8532

ff02::1:ff1c:b3b0

Target fe80::12d:d6a8:dd1c:b3b0

::

DestinationSource

::

Client

Unknown

Subnet

Neighbor Solicitation Message


Duplicate Address Detection (DAD)



VISTA/7-Client

(random option = off)

VISTA/7-Client

(random option = on)

Router Solicitation Message

DestinationSource

Info: Link-layer address 00:22:64:6b:85:32

fe80::222:64ff:fe68:8532

ff02::2


fe80::12d:d6a8:dd1c:b3b0

ff02::2

MAC 0022:6468:8532

LLA fe80::222:64ff:fe68:8532

SNMA ff02::1:ff68:8532

MAC 0022:6468:8532

LLA fe80::12d:d6a8:dd1c:b3b0

SNMA ff02::1:ff1c:b3b0

Client

Unknown

Subnet


DestinationSource

Router Solicitation



ipv6 unicast-routing

interface FastEthernet0/1

ipv6 address 2001:CAFE:0:20::/64 eui-64

MAC 000b:fdac:c561

LLA fe80::20b:fdff:feac:c561

Global Addresses

2001:cafe:0:20:20b:fdff:feac:c561

SNMA ff02::1:ffac:c561

Router

Router Configuration:Router Advertisement

Message

DestinationSource

Info: Link-layer address 00:0b:fd:ac:c5:61

fe80::20b:fdff:feac:c561 ff02::1

Info: Flags Not managed, Not other

Info: MTU size 1500 bytes

Info: Prefix length 64

Info: Prefix 2001:cafe:0:20::

Client

Subnet

2001:cafe:0:20::




Router

DestinationSource

fe80::222:64ff:fe68:8532 ff02::1:ffac:c561

Client

Subnet

2001:cafe:0:20::

Neighbor Solicitation


VISTA-Client(random option = off)

MAC 000b:fdac:c561



Router Configuration:

MAC 0022:6468:8532

LLA fe80::222:64ff:fe68:8532

SNMA ff02::1:ff68:8532

Def.GW fe80::20b:fdff:feac:c561




Router

DestinationSource

fe80::20b:fdff:feac:c561

Client

Subnet

2001:cafe:0:20::

Neighbor Advertisement

Neighbor Advertisement Message


MAC 000b:fdac:c561



ff02::1:ff00:1

Router Configuration:

MAC 0022:6468:8532

LLA fe80::222:64ff:fe68:8532

SNMA ff02::1:ff68:8532

Def.GW fe80::20b:fdff:feac:c561

fe80::222:64ff:fe68:8532


Info: Target: fe80::20b:fdff:feac:c561




Link Local Address fe80::222:64ff:fe68:8532

Global Address

2001:cafe:0:20:222:64ff:fe6b:8532

Solicited Node Multicast ff02::1:ff68:8532

Standard Gateway fe80::20b:fdff:feac:c561


ff02::1:ff68:8532

DestinationSource

Info: Target 2001:cafe:0:20:222:64ff:fe6b:8532

::

Client


Duplicate Address Detection (DAD)

Subnet

2001:cafe:0:20::

• At this state, the client is configured with Link Local Address, Global Unicast

Address, and Default Gateway and is ready to communicate.

• Client is still missing parameters like DNS, Domain Suffixes etc.



Session Agenda

Introduction






New DNS AAAA record




Despite Address Autoconfiguration, DHCP plays an important role in

IPv6 environment. It is required to provide clients with additional

parameters like DNS server address and many other options.

DHCPv6 offers different level of control over the workstations:

Client parameters

Stateless Auto Address Config.

RFC2462

Stateless DHCP Service for IPv6RFC3736

StatefulDHCPv6RFC3315

Subnet Prefix & Mask

From Router Advertisements

(O-Flag=0 M-Flag=0)


(O-Flag=1 / M-Flag=0)


(O-Flag=1 / M-Flag=1)

Interface Identifier

Auto Configuration

Auto Configuration From DHCPv6 Server

DNS, NTP address etc.

ManualConfiguration

From DHCPv6 Server From DHCPv6 Server

O = Other Flag / M = Managed Flag



During this phase, the client is supplied with additional parameters:

Frame #

2 Router Discovery

3 Router Advertisement with ‘Other Flag’ set

6 Client contacts DHCP server

7 DHCP server delivers additional parameter like DNS, suffixes etc.





DestinationSource


fe80::222:64ff:fe68:8532 ff02::2MAC 0022:6468:8532

LLA fe80::222:64ff:fe68:8532

SSNMA ff02::1:ff68:8532

Client

Unknown

Subnet

Router Solicitation



ipv6 unicast-routing

interface FastEthernet0/1

ipv6 address 2001:CAFE:0:20::/64 eui-64

ipv6 nd other-config-flag

ipv6 dhcp relay destination

2001:CAFE:0:30::199

MAC 000b:fdac:c561


Global Addresses

2001:cafe:0:20:20b:fdff:feac:c561


Router

Router Configuration:Router Advertisement

Message

DestinationSource


fe80::20b:fdff:feac:c561 ff02::1

Info: Flags Not managed, other

Info: MTU size 1500 bytes

Info: Prefix length 64

Info: Prefix 2001:cafe:0:20::

Client

Subnet

2001:cafe:0:20::




Router

DHCP Information-request

DestinationSource

Option Request: Domain Search List

ff02::1:2

Client

Subnet

2001:cafe:0:20::

DHCP server request

Subnet

2001:cafe:0:30::

DHCP Server

2001:cafe:0:30::199

DHCP Relay-forward

fe80::222:64ff:fe68:8532

Option Request: DNS recursive name server

Option Request: Vendor-specific Information

Info: Vendor-class-data




Router

DHCP ReplyDestinationSource

fe80::20b:fdff:feac:c561

Client

Subnet

2001:cafe:0:20::

DHCP server reply

Subnet

2001:cafe:0:30::

DHCP Server

2001:cafe:0:30::199

DHCP Relay-reply

fe80::222:64ff:fe68:8532

Option Domain Search List yourdomain.ch ipv6.ch dummy.ch

Option DNS server address 2001:cafe:0:30::199

Server ID Link-layer address: 00:0d:60:b0:38:63

Client ID Link-layer address 00:22:64:6b:85:32



Router

DHCP Reply

Client

Subnet

2001:cafe:0:20::

DHCP server reply

Subnet

2001:cafe:0:30::

DHCP Server

2001:cafe:0:30::199

DHCP Relay-reply



C:\windows\system32>ipconfig /all

Ethernet-Adapter LAN-Verbindung:

Verbindungsspezifisches DNS-Suffix: ipv6.ch

Beschreibung. . . . . . . . . . . : Marvell Yukon 88E8072 PCI-E Gigabit Ethernet

Physikalische Adresse . . . . . . : 00-22-64-6B-85-32

DHCP aktiviert. . . . . . . . . . : Ja

Autokonfiguration aktiviert . . . : Ja

IPv6-Adresse. . . . . . . . . . . : 2001:cafe:0:20:222:64ff:fe6b:8532(Bevorzugt)

Verbindungslokale IPv6-Adresse . : fe80::222:64ff:fe6b:8532%13(Bevorzugt)

Lease erhalten. . . . . . . . . . : Samstag, 21. Februar 2009 11:46:04

Lease läuft ab. . . . . . . . . . : Sonntag, 1. März 2009 11:46:03

Standardgateway . . . . . . . . . : fe80::20b:fdff:feac:c561%13

DHCPv6-IAID . . . . . . . . . . . : 251667044

DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-10-D2-B9-65-00-22-64-6B-85-32

DNS-Server . . . . . . . . . . . : 2001:cafe:0:30::199

Suchliste für verbindungsspezifische DNS-Suffixe:

yourdomain.ch

ipv6.ch

dummy.ch

At this state, the client is configured with all required parameters:



Session Agenda

Introduction






New DNS AAAA record




New AAAA resource record

• Due to the unhandy IPv6 address, DNS plays an important role in IPv6

• A new resource record type AAAA (called quad-A) has been defined

• During migration, DNS servers will support dual stack IPv4/IPv6

• IPv6 record queries and response may be transmitted over IPv4 or IPv6

Enterprise

IPv4 or IPv6 Subnet

Internet

DNS Server

IPv4 Internet

Enterprise

dual stack

DNS ServerDual stack

Client

AAAA query

over IPv4

AAAA query

over IPv6

AAAA query

over IPv4

+

IPv6 Domain Name System (DNS)


• AAAA record query & response over IPv6

• AAAA record query & response over IPv4



New AAAA resource record

• Create AAAA record by entering

host name and IPv6 address

• Pointer record will be createdautomatically if selected



Session Agenda

Introduction






New DNS AAAA record




ISATAP (Intra-Site Automatic Tunnel Addressing Protocol)

• ISATAP enables easy deployment of IPv6 in existing IPv4 infrastructure

• ISATAP hosts do not require any manual configuration

• IPv6 address contains an embedded IPv4 source or destination address

• ISATAP clients uses locally assigned IPv4 address (public or private) to

create the 64-bit interface identifier

Enterprise

IPv4 Subnet

192.168.20.0

IPv4

Intranet-Router

Intra-Site tunnel over IPv4

Enterprise

IPv4 Subnet

192.168.30.0

Dual stack

Server

Dual stack

Client

192.168.20.100/24

fe80::5efe:192.168.20.100

(Hex fe80::5efe:c0a8:1464)

192.168.30.199/24

fe80::5efe:192.168.30.199

(Hex fe80::5efe:c0a8:1ec7)

+

IPv6 Transition Technologies




ISATAP (Intra-Site Automatic Tunnel Addressing Protocol)

• ISATAP can also be used to access native IPv6 destinations

• Client resolves ISATAP router IPv4 address through internal DNS

• Client request IPv6 global unicast prefix from ISATAP router

• Client sends IPv6 in IPv4 embedded packets to ISATAP router

Enterprise

IPv4 Subnet

192.168.10.0

ISATAP-Client

IPv4

Intranet-Router

IPv6 Internet

IPv6

Server

• ISATAP router unpacks embedded packets and forwards them

Hex 2001:cafe:0:30::199ISATAP-Router

DNS Server

192.168.30.99

192.168.10.100

Enterprise

IPv4 Subnet

192.168.20.0

192.168.20.1

2001:cafe:0:40::5efe:192.168.10.100

(Hex 2001:cafe:0:40:0:5efe:c0a8:a64)

+

Enterprise

IPv4 Subnet

192.168.30.0





Teredo Tunnel

• Tunneling method named after Teredo Navalis (Schiffsbohrwurm)

• Teredo encapsulates IPv6 packets within UDP/IPv4 datagram

• Most NAT Routers can forward these packets properly

• Teredo allows a client to communicate with a native IPv6 server

• Teredo Server and Teredo Relay in the Internet care for transitions

IPv4 InternetEnterprise

IPv4 Subnets

Teredo-Client NAT-Router

IPv6 Internet

Teredo Server

Teredo Relay

Server IPv6

• Teredo tunnels are set up automatically, no configuration is needed.

www.six.heise.de

+

DNS Server



Step 8

Step 5

Step 6

Step 7

(Frame# 9)

(Frame# 10)

(Frame# 11)

Step 1

Step 4

(Frame# 7)

(Frame# 8)


IPv4 Subnets

Teredo-Client (TC) NAT-Router (NR)

TC-v6 SRV-v6 TC-v4 TS-v4 Data

TC-v6 TR-v6NR-v4

IPv6 Internet

Teredo Server (TS)

Teredo Relay (TR)

Server IPv6

(SRV)

www.six.heise.de

NR-v4

TS-v4

TR-v4 SRV-v6

TC-v6

TC-v4

TC-v6 SRV-v6 NR-v4 TS-v4 Data

TS-v4 TC-v6 TR-v6TS-v4 TC-v4

TC-v6 TR-v6 TC-v4 TR-v4

TC-v6 SRV-v6Data

TC-v6 TR-v6 NR-v4 TR-v4

Echo Request

Step 2

Step 3

Bubble Packet (with IP andUDP Port of Teredo Relay)

Bubble Packet

TC-v6 SRV-v6NR-v4 DataTR-v4 TC-v6 SRV-v6 DataTR-v4 TC-v4 Echo Reply

TC-v6 SRV-v6 TC-v4 TR-v4 Data TC-v6 SRV-v6 NR-v4 TR-v4 Data TCP SYN

TR-v6

SA DA SA DA SA DA SA DA

DA SA DA SA Teredo DA SA DA SA Teredo

SA DA SA DA SA DA SA DA

SA DA SA DASA DA SA DA

DA SA DA SA DA SA DA SA

SA DA

TR-v4 TR-v4

Forwarding packet to

Teredo Relay

Replying with

Bubble packet

Teredo Tunnel initialization (Trace File IPV6_Teredo_www.six.heise.de)



Teredo Tunnel initialization



Teredo Tunnel

• When starting, a Windows-based computer using Teredo resolves the

IPv4 address of the Teredo server teredo.ipv6.microsoft.com

• By the Router solicitation/advertisement dialog through Teredo, the

client receives a valid IPv6 prefix

• When activated, the Teredo client contacts Teredo server to obtain

information such as the type of NAT that the client is behind

• If the client has only link-local or Teredo IPV6 addresses assigned, then

the DNS Client will send only queries for A records

• The client needs at least one valid IPv6 address configured (may be

manually) in order to query for AAAA records

• Windows Vista Client computers will always use IPV6 over IPV4

• A default route may have to be configured on Teredo interface:

netsh interface ipv6 add route ::/0 14 Teredo Interface ID



6to4 Tunnel

• 6to4 provides connectivity between IPv6 sites across the IPv4 Internet

• 6to4 uses the global address prefix 2002:WWXX:YYZZ::/48

• WWXX:YYZZ is the colon-hexadecimal representation of the public IPv4

• 6to4 allows to reach IPv6 Internet destinations over an IPv4 ISP

• Within a site, local IPv6 routers advertise 2002:WWXX:YYZZ:SubnetID::/64

• Client uses announced prefix to build its own address 2002:82b1:1:20::100


IPv6 Subnet

2002:82b1:1:20/64

IPv6 Client 6to4 Router 6to4 Relay Server IPv6

2002:82b1:1:20::100

130.177.0.1IPv6 Internet

www.six.heise.de

2a02:2e0:3fe:100::6

192.88.99.1

• 192.88.99.1 is the anycast address of the nearest public 6to4 relay

(Hex 82b1:1)



6to4 Tunnel setup

1. IPv6 client builds packet with IPv6 source and IPv6 destination address

2. Client forwards pure IPv6 packet to 6to4 router through IPv6 intranet

3. 6to4 router encapsulates packet in IPv4: source address 130.177. 0.1

4. 6to4 router sends the packet to Relay anycast-address 192.88.99.1

5. 6to4 relay removes IPv4 header and forwards the pure IPv6 packet


IPv6 SubnetsIPv6 Internet

www.six.heise.de

2002:82b1:1:20::100 2a02:2e0:3fe:100::6

130.177.0.1 192.88.99.1

2a02:2e0:3fe:100::62002:82b1:1:20::100

+

IPv6 Client 6to4 Router 6to4 Relay Server IPv6



Session Agenda

Introduction






New DNS AAAA record




• All major routing protocols have stable

IPv6 support

• RIP, OSPF, IS-IS and BGP have been

renewed or extended for IPv6

• All routing protocols can coexist with IPv4

routing protocols

• Static route configuration syntax is the

same as in IPv4



Routing Information Protocol - next generation (RIPng)



Open Shortest Path First - Version 3 (OSPFv3)



• Verify IPv6 readiness of your suppliers

• Verify IPv6 readiness of your applications

• IPv6 can perfectly coexist with IPv4

• Network migration can be done smoothly

• Train yourself and your people

• Wireshark is the perfect tool to learn and train

• Interesting IPv6 references:

How-to get

www.sixxs.net non-profit, non-cost service for Local Internet Registries (LIR's)

and end users

www.ipv6.org how-to articles, FAQ, technical specifications, mailing list, details

of IPv6-enabled applications, and links

Session Summary


Thank you for your attention

© SeaPics.com

Please fill in evaluation form

Date post:	18-Mar-2020
Category:	Documents
Upload:	others
View:	1 times
Download:	0 times

Discovering IPv6 with Wireshark - Babu Ram Dawadi•The most obvious is the length of the IP address...

Documents